Netca 1 60-592 Instructor : Dr A. K. Agrawal
Yüklə
447 b.
tarix
14.10.2017
ölçüsü
447 b.
#4673
netcat1.1
60-592
Instructor : Dr A.K. Agrawal
Presented By: Ashutosh Sood
Purpose of Presentation…?
Analyze
the network
Identify the network security issues
Tools for Research
Information Gathering tools
Forensic tools
Network Utility tools
Password Auditing tools
Recovery And Restoration Tools
Vulnerability Scanning &
Analysis tools
What is netcat ?
Swiss Army Knife of Network
A versatile network Utility tool
Uses TCP and UDP protocol
Designed as a backend tool
Can be used directly
Driven by other programs
Power of netcat1.1
Can create Outbound or Inbound connections TCP
or UDP to or from any ports
Full DNS forward reverse checking
Can use any local port
Can use any locally configured network address
Port scanning with randomizer
Option to let other program service establish connections
Optional telnet responder
How Do I use netcat1.1 ?
General
form of usage is
nc [switches] [hostname] [portnumber]
Simplest Usage would be
nc –v www.msn.com 80
Use GET method GET / HTTP/1.0
Hostname can be a name or IP Address
Use of –n switch
Use of –n switch
If not specified performs forward and reverse DNS look up
Reports the problem of mismatched names in DNS
Options
-v
Controls the verbosity level
-w
Sets the network inactivity timeout
-p
Binds the connection
to specific port number
Options
-o
To obtain hexdump file of data sent either way
-l
Makes netcat wait for inbound connections
And once connection is established it transfers the data
Interesting -l
Can use to create like a listening netcat server
On listening end
D:\tools\nc>nc –l -p 1234 < test.txt
On client end
D:\tools\nc>nc 192.168.0.100 1234
Options
-L
Listen harder
-r
Randomize
port numbers
-z
Zero – I/O mode [used in scanning]
Options
-e
Allows to execute a program (dangerous)
-d
Allows to run in detached mode without console window
-u
Makes a UDP connection instead of TCP connection
Options
-s
Local source address
-i
Specifies delay interval for lines sent or ports scanned
-t
Answer telnet negotiation
Put the Knife to Use
Use It GOOD
Use It BAD
USE IT GOOD
Port
Scanning
Find what is out there
nc –v –w 5 –r davinci.newcs.uwindsor.ca 20-30
USE IT GOOD
Simple Data Transfer Agent
Immaterial which side is server and which side is client
Input at one goes as output to another
HEX Dump Feature
Can be used to analyze odd network protocols
USE IT GOOD
Performance Testing
Generate large amount of useless data on network with server on one end and client on other end we can use it to test network performance.
Protect
your workstations X server
DARK SIDE
Scanning for vulnerable services
Can use files as input to netcat and scan the system by using –i and –r switches
Can use –e option to execute programs
SYN-Bombing
Can disable TCP servers
EXAMPLE
Listen on port 21 (FTP Port) using netcat with –e switch to execute cmd.exe
FTP request made from a different machine on the listener machine
RESULT
Environment
Local Home Network
ISP --- Cogeco
Three PC’s
OS Windows XP
Connected via DLink Router
Cat 5 connecting cables used
Conclusion
Netcat is a very useful network utility tool
Very light but extremely effective
Particularly when it can listen and execute programs when connection requests are made on the specific ports
Credits
Chris Wysopal
Hobbit
www.atstake.com
Yüklə
447 b.
Dostları ilə paylaş:
Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©genderi.org 2024
rəhbərliyinə müraciət
Ana səhifə
Psixologiya